The host is missing an important security update according to Mozilla advisory, MFSA2016-80. The update is required to fix a same-origin policy bypass vulnerability. A flaw is present in the applications, which fail to a handle local HTML file and saved shortcut file. Successful exploitation allows remote attackers to bypass same-origin policy and perform data theft.